"Infopercept Proprietary Material - Please do not copy or distribute".
Leveraging Open-source Deception, SIEM, SOAR and Threat Intel
Sophisticated Email Phishing Detection and Prevention
All trademarks, logos, and brand names are the property of their respective owners.
PHISHING – A Game of Deception
Phishing – A Game of Deception
97% of users are unable to recognize a sophisticated phishing email.
22% increase in the volume of phishing attacks in the first half of 2021 over the same period last year.
75% of organizations around the world experienced some kind of phishing attack in 2020.
Spam and Phishing in Q1 2021 (charts: Geography of Phishing Attacks; Organizations Under Attack)
Source: https://securelist.com/spam-and-phishing-in-q1-2021/102018/
Email with Link
1. Attacker sends the email.
2. Victim clicks on the link in the email and lands on the malicious website.
3. Attacker collects the victim's credentials.
4. Attacker uses the victim's credentials to access the legitimate website.
Email with Attachment
1. Adversary sends a phishing email with an attachment.
2. Victim opens the email and downloads the attachment.
3. The attachment contains malware; the malware downloads further malicious files.
4. The malicious code encrypts the files.
Secure Email Gateway is NOT that Secure
The Email Security Gateway sits between the attacker and the email service, yet the following bypass it:
Zero-day attack
Business Email Compromise (BEC) attack
Signature-less threat
Internal email threat (mail that never crosses the gateway)
We start with email security to prevent the usual phishing attacks. Where phishing gets sophisticated and uses deception, we make our anti-phishing approach equally deceptive.
Next Gen Managed SOC
1. Personalized Threat Intelligence
2. Detection
3. Prevention
How we work?
We create a social media decoy using real company details and a decoy email ID as bait for attackers, e.g. abc@example.com.
Adversaries take the bait and launch their phishing attack against the decoy email ID.
Flow: Adversaries -> Deception Monitoring -> Notification -> SOC Monitoring -> SOAR (Orchestration and Automation) -> Actions: block in the Email Security Gateway, block in the Firewall, and Threat Intelligence (exchange of IOCs).
Steps
1. We create a decoy email address for the user, e.g. stevend@example.com or stevend@myexample.com.
2. We create the user's decoy social media account.
Email Box
Social Media Profile
No Decoy in Email Client
Now we add the Email Client decoy
Now we add the required details to the Email Client decoy
We then add the requisite details to the Email Client decoy
The Email Client decoy is now set; go to Decoy Management
Clicking Manage Decoy shows the added decoy in the list on the left side of the Decoy Management page.
Dejavu Console
Page to see the active attacks. At this stage there are no active attack logs on the console.
Sending Email
Send an email to stevend@myexample.com for the phishing objective.
Email Box
The user mailbox is currently empty; there are no existing emails.
Dejavu Attack Logs
The phishing sender's email address now shows in the Dejavu attack logs. For detailed logs and the email content, click View Logs.
Email Phishing Client Detail Logs
To see the phishing email content, click the envelope icon and download the email.
Sending Email
Send an email to stevend@myexample.com for phishing purposes.
Note: this log triggers the Wazuh SIEM.
Phishing Email Alert on Dejavu Console
WAZUH – Dashboard Alert
WAZUH – Phishing Email Event Log
WAZUH – Phishing Email SecurityEvents Log
WAZUH SIEM – SHUFFLE SOAR Integration through Webhook
Wazuh SIEM is integrated with Shuffle SOAR through a webhook so that an automated playbook runs to block the IP address.
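The hand-off this slide describes, as an added example in Python; it is not the page's own code and not the integration script that Wazuh or Shuffle ship. Wazuh runs a custom integration script (installed as /var/ossec/integrations/custom-<name> and referenced by an <integration> block in ossec.conf) for each matching alert and passes it the alert file path, the configured API key and the hook URL as its first three arguments. The script below forwards only deception-rule hits to the Shuffle webhook. The rule group name, the rule id 100200, the data field names and the sample alert are assumptions made for the example.

```python
"""Wazuh -> Shuffle hand-off for decoy-mailbox alerts (added example).

Not Wazuh's or Shuffle's shipped integration script. Keeps only alerts from
the deception rule group, trims them to what the playbook needs and POSTs
the result to the Shuffle webhook. Rule group, rule id and the data field
names used in the sample alert are assumptions.
"""
import json
import sys
import urllib.request

DECEPTION_GROUPS = {"dejavu", "deception"}   # assumed custom rule groups


def build_payload(alert):
    """Trim a Wazuh alert to the fields the workflow uses; None if not a decoy hit."""
    rule = alert.get("rule", {})
    if not DECEPTION_GROUPS & set(rule.get("groups", [])):
        return None
    data = alert.get("data", {})
    return {
        "source": "wazuh",
        "alert_id": alert.get("id"),
        "timestamp": alert.get("timestamp"),
        "rule_id": rule.get("id"),
        "rule_level": rule.get("level"),
        "description": rule.get("description"),
        "agent": alert.get("agent", {}).get("name"),
        "decoy_mailbox": data.get("dstuser"),   # decoy address that received the mail
        "sender": data.get("srcuser"),          # sender address as claimed
        "src_ip": data.get("srcip"),            # IP that connected to the decoy
        "full_log": alert.get("full_log", ""),
    }


def check_hook_url(hook_url):
    """Alerts carry mail content and IOCs: refuse to ship them in clear text."""
    if not hook_url.startswith("https://"):
        raise ValueError("Shuffle webhook must be https: " + hook_url)
    return hook_url


def post_webhook(hook_url, payload, api_key=None):
    """POST the payload as JSON; returns the HTTP status code."""
    headers = {"Content-Type": "application/json"}
    if api_key:                               # assumption: webhook configured with a bearer token
        headers["Authorization"] = "Bearer " + api_key
    req = urllib.request.Request(check_hook_url(hook_url), data=json.dumps(payload).encode(),
                                 headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status


def main(argv):
    # Wazuh's custom-integration calling convention: alert file, API key, hook URL.
    alert_file, api_key, hook_url = argv[1], argv[2], argv[3]
    with open(alert_file, encoding="utf-8") as fh:
        alert = json.load(fh)
    payload = build_payload(alert)
    if payload is not None:
        post_webhook(hook_url, payload, api_key or None)
    return 0


# Constructed alert in Wazuh's alert JSON layout, as the decoy rule would raise it.
SAMPLE_ALERT = {
    "timestamp": "2021-06-14T09:12:03.000+0000",
    "id": "1623661923.12345",
    "rule": {"id": "100200", "level": 10, "groups": ["dejavu", "phishing"],
             "description": "Dejavu: mail received on Email Client decoy"},
    "agent": {"id": "001", "name": "dejavu01"},
    "data": {"srcip": "203.0.113.45", "srcuser": "helpdesk@myexamp1e.com",
             "dstuser": "stevend@myexample.com"},
    "full_log": "dejavu: email decoy hit from 203.0.113.45 to stevend@myexample.com",
}

if __name__ == "__main__":
    if len(sys.argv) >= 4:
        sys.exit(main(sys.argv))
    print(json.dumps(build_payload(SAMPLE_ALERT), indent=2))
```

Filtering on the rule group inside the script keeps the case queue to deception hits; the same filter can also be set with <group> or <rule_id> in the <integration> block so that Wazuh only invokes the script for those alerts, with <alert_format>json</alert_format> so the file it hands over is JSON.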
SHUFFLE SOAR Playbook
How would the playbook work?
1. Dejavu triggers an alert and sends it to Wazuh SIEM through its syslog configuration.
2. Wazuh SIEM is integrated with Shuffle.
3. When an alert from the deception Email Client fires in Wazuh, it triggers the Shuffle workflow.
4. The workflow analyses the email header and the sender IP address.
5. It pushes the IP address to the MISP threat-exchange database for future reference and marks it as blacklisted.
6. It creates a case in the case-management tool.
7. It blocks the IP address in the Email Security Gateway and the firewall.
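Steps 3 to 7 of the playbook, together with the "How we work" flow earlier on the page, as an added example in Python; it is not Infopercept's Dejavu or Shuffle code. The decoy addresses are the ones from the slides; the relay name mx.myexample.com, the IOC store, the reputation table and the sample message are constructed. The detail the slides leave implicit is where the header analysis in step 4 must look: the sender controls every Received header except the one our own MX prepends, so the originating IP is read from that header only and the rest are ignored, including a forged line claiming the mail already came through our MX.

```python
"""Decoy-mailbox hit -> enrichment -> response decision (added example).

Not Infopercept's Dejavu or Shuffle code. A message to a decoy mailbox is
attacker contact by construction (the address exists only on the decoy
social-media profile): confirm the hit, read the originating IP from the
one Received header we can trust, consult the existing IOC store and a
reputation source, then emit the actions the SOAR would execute.
"""
import email
import ipaddress
import re
from email import policy
from email.utils import getaddresses

# Decoy addresses are from the slides; relay name, IOC store and reputation
# table are constructed for this example.
DECOY_ADDRESSES = {"stevend@example.com", "stevend@myexample.com"}
TRUSTED_RELAYS = {"mx.myexample.com"}       # MX hosts whose Received headers we wrote
KNOWN_IOCS = {"198.51.100.7"}               # the playbook's "existing DB"
REPUTATION = {"203.0.113.45": "malicious"}  # stand-in for a reputation API
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
BRACKET_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]")
BY_HOST = re.compile(r"\bby\s+([\w.-]+)", re.IGNORECASE)

def decoy_recipients(msg, envelope_rcpts=()):
    """Decoy addresses among the envelope (RCPT TO) and header recipients."""
    candidates = {a.lower() for a in envelope_rcpts}
    for hdr in ("to", "cc", "delivered-to", "x-original-to"):
        for _, addr in getaddresses([str(v) for v in msg.get_all(hdr, [])]):
            candidates.add(addr.lower())
    return sorted(candidates & DECOY_ADDRESSES)

def originating_ip(msg):
    """IP that handed the message to our own MX, or None.

    Received headers are prepended, so the first one whose 'by' host is one of
    our relays is genuine; everything below it was written by hosts the sender
    controls and may be forged, including a fake 'by mx.myexample.com' line.
    """
    for raw in msg.get_all("received", []):
        line = " ".join(str(raw).split())            # unfold, squeeze whitespace
        by = BY_HOST.search(line)
        if not by or by.group(1).lower() not in TRUSTED_RELAYS:
            continue
        hit = BRACKET_IP.search(line[: by.start()])  # the 'from host [ip]' part
        try:
            return ipaddress.ip_address(hit.group(1)) if hit else None
        except ValueError:
            return None
    return None

def misp_attribute(ip, event_id=1):
    """Body for MISP's POST /attributes/add/{event_id}; to_ids=True exports it to blocklists."""
    return {"event_id": event_id, "type": "ip-src", "category": "Network activity",
            "value": str(ip), "to_ids": True,
            "comment": "phishing sender observed against decoy mailbox"}

def triage(raw_message, envelope_rcpts=(), reputation=REPUTATION.get):
    """Playbook decision for one message: a dict with an 'actions' list."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    decoys = decoy_recipients(msg, envelope_rcpts)
    if not decoys:
        return {"decoy_hit": False, "actions": []}
    ip = originating_ip(msg)
    result = {
        "decoy_hit": True, "decoys": decoys,
        "from": str(msg.get("from", "")), "subject": str(msg.get("subject", "")),
        "src_ip": str(ip) if ip is not None else None,
        "reputation": reputation(str(ip)) if ip is not None else None,
        "already_known": ip is not None and str(ip) in KNOWN_IOCS,
        "actions": ["open_case"],                    # every decoy hit gets a case
        "misp_attribute": None,
    }
    if ip is None:                                   # no trustworthy header: analyst decides
        return result
    if any(ip in net for net in INTERNAL_NETS):      # insider or compromised host,
        result["actions"].append("escalate_internal_host")  # not a perimeter block
        return result
    if not result["already_known"]:
        result["misp_attribute"] = misp_attribute(ip)
        result["actions"].append("misp_add_attribute")
    result["actions"] += ["block_ip_email_gateway", "block_ip_firewall"]
    return result

# Constructed sample phish to the decoy. The bottom Received line is forged by
# the attacker and claims the mail already passed through our own MX.
SAMPLE_PHISH = """\
Received: from relay.attacker.example (relay.attacker.example [203.0.113.45])
\tby mx.myexample.com (Postfix) with ESMTPS id 4G2qK0
\tfor <stevend@myexample.com>; Mon, 14 Jun 2021 09:12:01 +0000
Received: from mx.myexample.com (mx.myexample.com [198.51.100.200])
\tby mx.myexample.com with ESMTP; Mon, 14 Jun 2021 09:11:50 +0000
From: "IT Helpdesk" <helpdesk@myexamp1e.com>
To: "Steven D" <stevend@myexample.com>
Subject: Your password expires today

Sign in at http://myexamp1e.com/login within 24 hours to keep your account.
"""

if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE_PHISH, ["stevend@myexample.com"]), indent=2))
```

triage follows the slides and blocks every external source that writes to the decoy. Bulk spam also harvests addresses published on social media, so a team that wants to gate the firewall block on the reputation result can branch on the reputation field before acting. The internal-source branch exists because blocking an RFC 1918 address at the perimeter does nothing, and a decoy hit from inside is the internal email threat from the gateway slide.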
For cyber security to have the upper hand, thinking like the attacker is the most important approach. As with anti-phishing, in every counter the attacker's own tactics can be used to design and execute a proactive cyber-security solution. Open-source cyber-security innovations help leverage the attacker's intelligence to build counter-intelligence.
Automatic Incident Response for Anti-Phishing Leveraging Deception
Diagram (reconstructed from its labels): Personalized Threat Intelligence Gathering, laid out as an OODA loop
1. OBSERVE: Email Decoy and Social Media Decoy. On sending email to the decoy, the alert reaches Wazuh SIEM, which calls Shuffle SOAR through a webhook.
2. ORIENT: Shuffle checks reputations and the existing DB over API.
3. DECIDE: open a ticket in Case Management for the SOC team; notification by SMS and email.
4. ACT: Block IP in network firewall; Block IOC in Email Security Gateway.
About Infopercept
Infopercept's vision and core values revolve around making organizations more secure through the core values of Honesty, Transparency and Knowledge, so as to enable them to make better-informed decisions about their security practices and goals. With our synergistic vision to combine technical expertise and professional experience, we aim to further establish our place as a one-stop shop for our clients' and partners' cybersecurity and accreditation needs.
Our specialized core team comprises experienced veterans, technical experts and security enthusiasts with good practical experience and thorough knowledge of the cybersecurity domain, who stay abreast of the latest trends and security innovations, ensuring that you always get the best security approach and solutions for your specific business needs, exactly the way you want them.
Imprint
© Infopercept Consulting Pvt. Ltd. 2021
Publisher
H-1209, Titanium City Center,
Satellite Road,
Ahmedabad – 380 015,
Gujarat, India.
Contact Info
M: +91 9898857117
W: www.infopercept.com
E: sos@infopercept.com
By accessing or proceeding further with usage of this platform/tool/site/application, you agree with Infopercept Consulting Pvt. Ltd.'s (ICPL) privacy policy and standard terms and conditions and provide your consent to the same. For a detailed understanding and review of the privacy policy and standard terms and conditions, kindly visit www.infopercept.com or refer to our privacy policy and standard terms and conditions.
Global Offices
United States of America
+1 516 713 5040
United Kingdom
+44 2035002056
Sri Lanka
+94 702 958 909
Kuwait
+965 6099 1177
India
+91 9898857117

More Related Content

What's hot

Anti phishing
Anti phishingAnti phishing
Anti phishing
Shethwala Ridhvesh
 
Phishing
PhishingPhishing
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threat
sourav newatia
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
Avishek Datta
 
Anatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing AttackAnatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing Attack
Mark Mair
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
vineetkathan
 
Phishing
PhishingPhishing
Phishing
defquon
 
Phishing
PhishingPhishing
Phishing
shivli0769
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
elakkiya poongunran
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Security
anjuselina
 
Phishing
PhishingPhishing
Phishing
Syeda Javeria
 
Online Fraud and Identity Theft: Transact Safely - Symantec Corp.
Online Fraud and Identity Theft: Transact Safely - Symantec Corp. Online Fraud and Identity Theft: Transact Safely - Symantec Corp.
Online Fraud and Identity Theft: Transact Safely - Symantec Corp.
mariotoronto
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
Preeti Papneja
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
temi
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposed
tamfin
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
Nalneesh Gaur
 
Introduction to phishing
Introduction to phishingIntroduction to phishing
Introduction to phishing
Raviteja Chowdary Adusumalli
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
Md. Mehadi Hassan Bappy
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 

What's hot (20)

Anti phishing
Anti phishingAnti phishing
Anti phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threat
 
Phishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark WorldPhishing--The Entire Story of a Dark World
Phishing--The Entire Story of a Dark World
 
Anatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing AttackAnatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing Attack
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Security
 
Phishing
PhishingPhishing
Phishing
 
Online Fraud and Identity Theft: Transact Safely - Symantec Corp.
Online Fraud and Identity Theft: Transact Safely - Symantec Corp. Online Fraud and Identity Theft: Transact Safely - Symantec Corp.
Online Fraud and Identity Theft: Transact Safely - Symantec Corp.
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposed
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
 
Introduction to phishing
Introduction to phishingIntroduction to phishing
Introduction to phishing
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
 

Similar to Phishing - A Game of Deception

The anatomy of a spear phishing attack
The anatomy of a spear phishing attackThe anatomy of a spear phishing attack
The anatomy of a spear phishing attack
Vade Secure
 
A Guide to Cyber Etiquette.pdf
A Guide to Cyber Etiquette.pdfA Guide to Cyber Etiquette.pdf
A Guide to Cyber Etiquette.pdf
Infosec Train
 
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3
Mukesh Chinta
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
WeSecureApp
 
What about Two Factor Authentication?
What about Two Factor Authentication? What about Two Factor Authentication?
What about Two Factor Authentication?
Sinch
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
IRJET Journal
 
Cyber Security and Data Protection
Cyber Security and Data ProtectionCyber Security and Data Protection
Cyber Security and Data Protection
Strategic Insurance Software
 
Using Deception to Detect and Profile Hidden Threats
Using Deception to Detect and Profile Hidden ThreatsUsing Deception to Detect and Profile Hidden Threats
Using Deception to Detect and Profile Hidden Threats
Satnam Singh
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 
What Types Of Information ECommerce Sites Need To.pdf
What Types Of Information ECommerce Sites Need To.pdfWhat Types Of Information ECommerce Sites Need To.pdf
What Types Of Information ECommerce Sites Need To.pdf
Host It Smart
 
Cyber Security School Workshop
Cyber Security School WorkshopCyber Security School Workshop
Cyber Security School Workshop
Rahul Nayan
 
Strategies for Seamless Recovery in a Dynamic Data Landscape
Strategies for Seamless Recovery in a Dynamic Data LandscapeStrategies for Seamless Recovery in a Dynamic Data Landscape
Strategies for Seamless Recovery in a Dynamic Data Landscape
MyNOG
 
Why Cybercriminals are targeting Small Businesses
Why Cybercriminals are targeting Small BusinessesWhy Cybercriminals are targeting Small Businesses
Why Cybercriminals are targeting Small Businesses
D-Amies Technologies (P) Ltd.
 
10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security
ThrottleNet, Inc
 
Identity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementIdentity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access Management
Prolifics
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforce
jlieberman07
 
Cyber Risks & Liabilities - Cyber Security for Small Businesses
Cyber Risks & Liabilities - Cyber Security for Small BusinessesCyber Risks & Liabilities - Cyber Security for Small Businesses
Cyber Risks & Liabilities - Cyber Security for Small Businesses
ntoscano50
 
Cyber 101 for smb execs v1
Cyber 101 for smb execs v1Cyber 101 for smb execs v1
Cyber 101 for smb execs v1
NetWatcher
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET-  	  Phishing and Anti-Phishing TechniquesIRJET-  	  Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
IRJET Journal
 
10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud
WebSitePulse
 

Similar to Phishing - A Game of Deception (20)

The anatomy of a spear phishing attack
The anatomy of a spear phishing attackThe anatomy of a spear phishing attack
The anatomy of a spear phishing attack
 
A Guide to Cyber Etiquette.pdf
A Guide to Cyber Etiquette.pdfA Guide to Cyber Etiquette.pdf
A Guide to Cyber Etiquette.pdf
 
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
 
What about Two Factor Authentication?
What about Two Factor Authentication? What about Two Factor Authentication?
What about Two Factor Authentication?
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
 
Cyber Security and Data Protection
Cyber Security and Data ProtectionCyber Security and Data Protection
Cyber Security and Data Protection
 
Using Deception to Detect and Profile Hidden Threats
Using Deception to Detect and Profile Hidden ThreatsUsing Deception to Detect and Profile Hidden Threats
Using Deception to Detect and Profile Hidden Threats
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
What Types Of Information ECommerce Sites Need To.pdf
What Types Of Information ECommerce Sites Need To.pdfWhat Types Of Information ECommerce Sites Need To.pdf
What Types Of Information ECommerce Sites Need To.pdf
 
Cyber Security School Workshop
Cyber Security School WorkshopCyber Security School Workshop
Cyber Security School Workshop
 
Strategies for Seamless Recovery in a Dynamic Data Landscape
Strategies for Seamless Recovery in a Dynamic Data LandscapeStrategies for Seamless Recovery in a Dynamic Data Landscape
Strategies for Seamless Recovery in a Dynamic Data Landscape
 
Why Cybercriminals are targeting Small Businesses
Why Cybercriminals are targeting Small BusinessesWhy Cybercriminals are targeting Small Businesses
Why Cybercriminals are targeting Small Businesses
 
10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security
 
Identity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access ManagementIdentity intelligence: Threat-aware Identity and Access Management
Identity intelligence: Threat-aware Identity and Access Management
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforce
 
Cyber Risks & Liabilities - Cyber Security for Small Businesses
Cyber Risks & Liabilities - Cyber Security for Small BusinessesCyber Risks & Liabilities - Cyber Security for Small Businesses
Cyber Risks & Liabilities - Cyber Security for Small Businesses
 
Cyber 101 for smb execs v1
Cyber 101 for smb execs v1Cyber 101 for smb execs v1
Cyber 101 for smb execs v1
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET-  	  Phishing and Anti-Phishing TechniquesIRJET-  	  Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
 
10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud
 

Recently uploaded

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 

Recently uploaded (20)

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 

Phishing - A Game of Deception

  • 1. "Infopercept Proprietary Material - Please do not copy or distribute". Leveraging Opensource Deception, SIEM, SOAR, Threat Intel: Sophisticated Email Phishing Detection and Prevention. All trademarks, logos, and brand names are the property of their respective owners. Instant Pay
  • 2. PHISHING: A Game of Deception
  • 3. Phishing – A Game of Deception. 97% of the users are unable to recognize a sophisticated phishing email. The first half of 2021 shows a 22% increase in the volume of phishing attacks over the same time period last year. 75% of organizations around the world experienced some kind of phishing attack in 2020.
  • 4. Spam and Phishing in Q1 2021: Geography of Phishing Attacks; Organizations Under Attack. Source: https://securelist.com/spam-and-phishing-in-q1-2021/102018/
  • 5. Email with Link (Attacker, Victim, Legitimate website): 1. Attacker sends email. 2. Victim clicks on the link in the email and goes to the malicious website. 3. Attacker collects the victim's credentials. 4. Attacker uses the victim's credentials to access the legitimate website.
  • 6. Email with Attachment (Adversaries, Victim): 1. Adversaries send phishing emails with an attachment. 2. Victim opens the email and downloads the attachment. 3. The attachment contains malware; the malware downloads malicious files. 4. The malicious code encrypts the files.
  • 7. Secure Email Gateway is NOT that Secure. Threats from the attacker that bypass the Email Security Gateway and reach the Email Service: Zero Day Attack, Business Email Compromise Attack, Signature-less Threat, Internal Email Threat.
  • 8. We start with email security to prevent the usual phishing attacks. Where phishing gets sophisticated and smart with deception, we also make our anti-phishing approach smart with deception.
  • 9. Next Gen Managed SOC: 1. Personalized Threat Intelligence 2. Detection 3. Prevention
  • 10. How we work? We create a social media decoy using real company details and an email id as a deception for attackers, e.g. abc@example.com. Adversaries get phished by our deception and launch their phishing attack targeting the decoy email id. Flow: Deception Monitoring, Notification, SOC Monitoring, SOAR (Orchestration and Automation), Action on the Email Security Gateway and Firewall, and Threat Intelligence (exchange of IOCs).
  • 11. Steps: 1. We create a decoy email address for the user, like stevend@example.com or stevend@myexample.com. 2. We create the user's decoy social media account.
  • 12. Email Box
  • 13. Social Media Profile
  • 14. No Decoy in Email Client
  • 15. Now we add an Email Client Decoy
  • 16. Now we add the required details to the Email Client Decoy
  • 17. We then add the requisite details to the Email Client Decoy
  • 18. The Email Client Decoy is now set. Go to Decoy Management: clicking Manage Decoy lets you see the added decoy list on the left side of the Decoy Management page.
  • 19. Dejavu Console page to see the active attacks – at this stage, we don't have any active attack logs on the console.
  • 20. Sending Email: send an email to the stevend@myexample.com user for a phishing objective.
  • 21. Email Box: the user mailbox is currently empty and there are no existing emails.
  • 22. Dejavu Attacks logs: the phishing email address is showing on the Dejavu Attacks logs – for detailed logs and to see the email content you need to click View Logs.
  • 23. Email Phishing Client Detail Logs: to see the phishing email content, click on the envelope icon and download the email.
  • 24. Sending Email: send an email to the stevend@myexample.com user for a phishing purpose. Note: this log triggers the WAZUH SIEM tool.
  • 25. Phishing Email Alert on Dejavu Console
  • 26. WAZUH – Dashboard Alert
  • 27. WAZUH – Phishing Email Event Log
  • 28. WAZUH – Phishing Email Security Events Log
  • 29. WAZUH SIEM – SHUFFLE SOAR Integration through Webhook: Wazuh SIEM is integrated with Shuffle SOAR so that an automated playbook is executed for blocking the IP address.
  • 30. SHUFFLE SOAR Playbook. How would the playbook work?
    1 - Dejavu triggers an alert and sends it to Wazuh SIEM through the syslog configuration.
    2 - Wazuh SIEM is integrated with Shuffle.
    3 - When an alert from the Deception Email Client triggers in Wazuh, it triggers the Shuffle workflow.
    4 - The system then starts analysis of the email header and IP address.
    5 - It pushes the IP address to the MISP threat exchange database for future reference and marks it as blacklisted.
    6 - It creates a case in the case management tool.
    7 - It blocks the IP address in the Email Security Gateway and Firewall.
  • 31. For cybersecurity to have the upper hand, the attacker's sense is the most important approach. As with anti-phishing, in every counter the attackers' tactics can be used to design and execute a proactive cybersecurity solution. Opensource cybersecurity innovations help in leveraging the attacker's intelligence to prepare counter cybersecurity intelligence.
  • 32. Automatic Incident Response for Anti-Phishing Leveraging Deception (diagram). Phases: 1. OBSERVE 2. ORIENT 3. DECIDE 4. ACT. Components shown: Email Decoy and Social Media Decoy; on sending email to the decoy email, Wazuh SIEM raises the alert and calls Shuffle SOAR via API webhook; Personalized Threat Intelligence Gathering; Check Reputations; Check Existing DB; Open Ticket and Case Management for the SOC Team; SMS and Email Notification; Block IP in Network Firewall; Block IOC in Email Security Gateway.
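Steps 4 to 7 of the playbook on slide 30, which the OODA diagram on slide 32 repeats as Check Existing DB, Open Ticket and Block, as one added example written for this page (not Infopercept's, Dejavu's or Shuffle's own code). The alert field names, the MISP attribute shape and the known-bad set are assumptions; the sample e-mail is constructed, and no real MISP, firewall or gateway call is made: the function returns the actions a Shuffle workflow would then dispatch.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample alert in a Wazuh-like shape; data.decoy / data.raw_email are assumed names.
SAMPLE_ALERT = {
    "data": {
        "decoy": "stevend@myexample.com",
        "raw_email": (
            "Received: from relay.example.net (203.0.113.45) by mail.myexample.com\n"  # sender's MTA
            "Received: from attacker-pc (192.168.1.10) by relay.example.net\n"        # sender's LAN hop
            "From: IT Helpdesk <helpdesk@example.net>\n"
            "Subject: Password expiry notice\n"
        ),
    },
}
KNOWN_BAD = {"198.51.100.7"}  # constructed stand-in for the "check existing DB" lookup
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")


def originating_ip(raw_email):
    """Walk the Received chain from the earliest hop (bottom) up; return the first non-internal IP."""
    msg = message_from_string(raw_email)
    for header in reversed(msg.get_all("Received", [])):
        for cand in IPV4.findall(header):
            try:
                ip = ipaddress.ip_address(cand)
            except ValueError:  # e.g. 999.1.1.1 matched by the loose regex
                continue
            if not any(ip in net for net in INTERNAL):
                return str(ip)
    return None


def run_playbook(alert, known_bad=KNOWN_BAD):
    """Steps 4-7 of the deck's workflow: analyse header/IP, enrich threat DB, open case, block."""
    data = alert["data"]
    ip = originating_ip(data["raw_email"])
    if ip is None:  # no public hop found: hand to an analyst rather than auto-blocking an RFC 1918 address
        return {"status": "needs_analyst", "src_ip": None, "known_bad": False, "actions": []}
    msg = message_from_string(data["raw_email"])
    known = ip in known_bad
    actions = []
    if not known:  # MISP-style attribute dict (assumed payload shape; no API call is made here)
        actions.append({"misp_attribute": {"type": "ip-src", "value": ip, "to_ids": True,
                                           "comment": f"phishing against decoy {data['decoy']}"}})
    actions.append({"case": {"title": f"Phishing on decoy {data['decoy']}", "src_ip": ip,
                             "sender": msg["From"], "subject": msg["Subject"]}})
    actions.append({"block_ip": {"ip": ip, "targets": ["email_security_gateway", "firewall"]}})
    return {"status": "blocked", "src_ip": ip, "known_bad": known, "actions": actions}
```

Reading the Received chain bottom-up and skipping private hops matters because the decoy's own internal relay and the sender's LAN hop both appear in the headers, and blocking one of those would cut nothing useful.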
  • 33. About Infopercept. Infopercept's vision and core values revolve around making organizations more secure through the core values of Honesty, Transparency and Knowledge, so as to enable them to make better informed decisions about their security practices and goals. With our synergistic vision to combine technical expertise and professional experience, we aim to further establish our place as a one-stop shop for our clients' and partners' cybersecurity and accreditation needs. Our specialized core team comprises experienced veterans, technical experts and security enthusiasts with good practical experience and thorough knowledge in the cybersecurity domain, who are abreast of the latest trends and security innovations, ensuring that you always get the best security approach and solutions for your specific business needs, exactly the way you want it to be. Imprint: © Infopercept Consulting Pvt. Ltd. 2021. Publisher: H-1209, Titanium City Center, Satellite Road, Ahmedabad – 380 015, Gujarat, India. Contact Info: M: +91 9898857117, W: www.infopercept.com, E: sos@infopercept.com. By accessing or proceeding further with usage of this platform / tool / site / application, you agree with the Infopercept Consulting Pvt. Ltd.'s (ICPL) privacy policy and standard terms and conditions and provide your consent to the same. For a detailed understanding and review of the privacy policy and standard terms and conditions, kindly visit www.infopercept.com or refer to our privacy policy and standard terms and conditions. Global Offices: United States of America +1 516 713 5040; United Kingdom +44 2035002056; Sri Lanka +94 702 958 909; Kuwait +965 6099 1177; India +91 9898857117.